1#!/usr/local/bin/perl --
2# $Id: YaBB AdminIndex$
3# $HeadURL: YaBB $
4# $Source: /AdminIndex.pl $
5###############################################################################
6# AdminIndex.pl                                                               #
7# $Date: 12.02.14                                                             #
8###############################################################################
9# YaBB: Yet another Bulletin Board                                            #
10# Open-Source Community Software for Webmasters                               #
11# Version:        YaBB 2.6.11                                                 #
12# Packaged:       December 2, 2014                                            #
13# Distributed by: http://www.yabbforum.com                                    #
14# =========================================================================== #
15# Copyright (c) 2000-2014 YaBB (www.yabbforum.com) - All Rights Reserved.     #
16# Software by:  The YaBB Development Team                                     #
17#               with assistance from the YaBB community.                      #
18###############################################################################
# Admin-centre entry script: loads configuration and shared libraries,
# identifies the requesting user, runs the ban/maintenance checks and then
# hands the request to yymain() for access control and dispatch.

# Silence the three warning categories this legacy code trips constantly.
no warnings qw(uninitialized once redefine);

# fatalsToBrowser makes CGI::Carp send the text of fatal errors to the client.
# NOTE(review): on a production admin endpoint that text can reveal file
# paths and code details; consider keeping it to the server log.
use CGI::Carp qw(fatalsToBrowser);
use English qw(-no_match_vars);
our $VERSION = '2.6.11';

### Version Info ###
$YaBBversion     = 'YaBB 2.6.11';
$adminindexplver = 'YaBB 2.6.11 $Revision: 1611 $';

# Make sure the module path is present.
# NOTE(review): this is a relative entry, so it is resolved against the
# current working directory whenever a module is required; confirm the web
# server always starts the script in its own directory.
push @INC, './Modules';

# On IIS, derive the script directory from $PROGRAM_NAME, switch to it and add
# it to @INC. The result of chdir is not checked.
if ( $ENV{'SERVER_SOFTWARE'} =~ /IIS/sm ) {
    $yyIIS = 1;
    if ( $PROGRAM_NAME =~ m{(.*)(\\|/)}xsm ) {
        $yypath = $1;
    }
    $yypath =~ s/\\/\//gxsm;    # backslashes to forward slashes
    chdir $yypath;
    push @INC, $yypath;
}

# Flag for the shared code that this request runs in the admin centre.
$adminscreen = 1;

$yyexec      = 'YaBB';

# Script directory as reported by the web server environment, with the
# trailing "/AdminIndex.pl" or "/AdminIndex.cgi" removed.
$script_root = $ENV{'SCRIPT_FILENAME'};
if ( !$script_root ) {
    $script_root = $ENV{'PATH_TRANSLATED'};
}
$script_root =~ s/\/AdminIndex\.(pl|cgi)//igxsm;

require Paths;
require Variables::Settings;

# Use Time::HiRes when it is installed; the eval keeps its absence non-fatal.
eval { require Time::HiRes; import Time::HiRes qw(time); };
$START_TIME = time;

require './Sources/Subs.pm';
require Sources::System;
require Sources::DateTime;
require Sources::Load;

LoadCookie();          # Load the user's cookie (or set to guest)
LoadUserSettings();    # Load user settings
WriteLog();            # write into the logfile
WhatTemplate();        # Figure out which template to be using.
WhatLanguage();        # Figure out which language file we should be using!
get_micon();

if ($debug) { require Sources::Debug; }

# The referer check runs only when $referersecurity is enabled.
# NOTE(review): no other request-origin check is visible in this file; confirm
# that state-changing admin actions are protected against cross-site requests
# elsewhere.
if ($referersecurity) {
    referer_check();
}                      # Check if the action is allowed from an external domain

require Sources::Security;
banning();             # Check for banned people

# A lock file in $vardir switches maintenance mode on (value 2) when the
# setting itself is off.
if ( !$maintenance && -e "$vardir/maintenance.lock" ) { $maintenance = 2; }

# some maintenance stuff will stop after $max_process_time
# in seconds, then the browser will call the script again
# until all is done. Don't put it too high or you will run
# into server or browser timeout.
$max_process_time = 20;

# %INFO is filled outside this file -- presumably with the request parameters;
# treat $action as untrusted input.
$action = $INFO{'action'};

# Every warning raised from here on is turned into a fatal_error() call that
# carries the warning text, and any exception escaping yymain() is reported
# the same way with $@ appended.
# NOTE(review): fatal_error is defined elsewhere; confirm it escapes this text
# and does not show internals to the client.
local $SIG{__WARN__} = sub { fatal_error( 'error_occurred', "@_" ); };
eval { yymain(); };
if ($@) { fatal_error( 'untrapped', ":<br />$@" ); }
89
# Applies the admin-centre access gates in order and then dispatches on the
# global $action. Takes no arguments and returns nothing.
#
# Gate order: maintenance login, session revalidation, admin/global-moderator
# membership, global-moderator admin permission. Every gate relies on
# redirectexit() not returning.
# NOTE(review): redirectexit is defined elsewhere; confirm it ends the
# request, otherwise execution would fall through to the dispatch below.
#
# $action is used only as a key into %director; the file and sub names that
# get loaded and called come from that table, not from the request.
# NOTE(review): the handler is invoked by name through a symbolic reference,
# so %director must only ever be filled from code, never from request data.
# NOTE(review): within this file %gmod_access is consulted for menu display
# only (ParseNavArray); confirm each handler enforces the global-moderator
# permission for its own action.
sub yymain {

    # The login form handler has to stay reachable during maintenance.
    if ( $maintenance && $action eq 'login2' ) {
        require Sources::LogInOut;
        Login2();
    }

    # Members whose session has not been validated must revalidate first.
    if ( !$iamguest && $sessions == 1 && $sessionvalid != 1 ) {
        $yySetLocation = qq~$scripturl?action=revalidatesession~;
        redirectexit();
    }

    # Only administrators and global moderators may go any further.
    if ( !( $iamadmin || $iamgmod ) ) {
        if ($maintenance) {
            require Sources::LogInOut;
            InMaintenance();
        }
        $yySetLocation = qq~$scripturl~;
        redirectexit();
    }

    # Global moderators additionally need $allow_gmod_admin, which is expected
    # to be set by the settings file executed here.
    if ($iamgmod) {
        require "$vardir/gmodsettings.txt";
        if ( !$allow_gmod_admin ) {
            $yySetLocation = qq~$scripturl~;
            redirectexit();
        }
    }

    # No action requested: record the visit and show the admin index.
    if ( $action eq q{} ) {
        TrackAdminLogins();
        require Admin::Admin;
        Admin();
        return;
    }

    if ( $action eq $randaction ) {
        require Sources::Decoder;
        convert();
        return;
    }

    require Admin::AdminSubList;

    # Actions missing from the dispatch table fall back to the admin index.
    if ( !$director{$action} ) {
        require Admin::Admin;
        Admin();
        return;
    }

    # A table entry has the form "File&SubName".
    my ( $handler_file, $handler_sub ) = split /&/xsm, $director{$action};
    require "$admindir/$handler_file";
    &{$handler_sub};
    return;
}
144
# Appends one section of the admin menu to the global $leftmenu.
#
# Every argument is a row "action|visible text|tooltip|header id". A row with
# a header id opens a collapsible list; the other rows become list items. For
# global moderators, rows whose action is not switched 'on' in %gmod_access
# are left out. The parsed fields, $currentclass and $started_ul are package
# globals. Returns nothing.
#
# NOTE(review): the filter here only hides links; it is not an access check.
# NOTE(review): the fields are placed into HTML attributes and a javascript:
# URL without escaping; confirm that rows (language strings, rows added by
# mods) never carry user-controlled text.
sub ParseNavArray {
    my @rows = @_;
    for my $row (@rows) {
        chomp $row;
        ( $action_to_take, $vistext, $whatitdoes, $isheader ) =
          split /\|/xsm, $row;

        # Highlight the entry that matches the area currently displayed.
        $currentclass =
          $action_area eq $action_to_take ? 'class="current"' : q{};

        if ($isheader) {
            $started_ul = 1;
            $leftmenu .= qq~
        <h3><a href="javascript:toggleList('$isheader')" title="$whatitdoes">$vistext</a></h3>
        <ul id="$isheader">~;
            next;
        }

        next if $iamgmod && $gmod_access{$action_to_take} ne 'on';

        # "#" marks an entry that is shown as text without a link target.
        if ( $action_to_take eq q{#} ) {
            $leftmenu .= qq~
            <li><a title="none">$vistext</a></li>~;
        }
        else {
            $leftmenu .= qq~
            <li><a href="$adminurl?action=$action_to_take" title="$whatitdoes" $currentclass>$vistext</a></li>~;
        }
    }

    # Close the list once any header has been seen ($started_ul is never
    # reset in this sub).
    if ($started_ul) {
        $leftmenu .= q~
        </ul>~;
    }
    return;
}
187
# Returns the text 'img src="URL"' for image $img: the URL below $imagesdir
# when the file exists in the active image set ($useimages), otherwise the
# URL of the copy in the default forum template. The result is also stored in
# the global $thisimgloc.
#
# NOTE(review): $img comes from a regex capture over page markup (see the
# substitution in AdminTemplate) and goes into a file test and into the
# returned markup unchanged; confirm that markup cannot carry
# user-controlled image names.
sub AdmImgLoc {
    my ($img) = @_;
    my $in_active_set = -e "$htmldir/Templates/Forum/$useimages/$img";
    $thisimgloc =
        $in_active_set
      ? qq~img src="$imagesdir/$img"~
      : qq~img src="$yyhtml_root/Templates/Forum/default/$img"~;
    return $thisimgloc;
}
196
# Same lookup as AdmImgLoc, but returns the bare image URL without the
# 'img src="..."' wrapper. The result is also stored in the global
# $thisimgloc.
#
# NOTE(review): $img is used in the file test and in the returned URL
# unchanged; confirm callers never pass user-controlled names.
sub AdmImgLoc2 {
    my ($img) = @_;
    my $in_active_set = -e "$htmldir/Templates/Forum/$useimages/$img";
    $thisimgloc =
        $in_active_set
      ? qq~$imagesdir/$img~
      : qq~$yyhtml_root/Templates/Forum/default/$img~;
    return $thisimgloc;
}
205
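# Builds the complete admin-centre page and passes it to the output layer.
#
# Selects the admin template for the current user, loads
# AdminCentre.template and gmodsettings.txt, builds the left-hand menu with
# ParseNavArray, fills the {yabb ...} / <yabb ...> placeholders in $header,
# $leftmenutop, $topnav and $mainbody (presumably defined by the template
# file), assembles $output and calls print_HTML_output_and_finish().
# Takes no arguments and works on package globals throughout.
sub AdminTemplate {
    $admin_template = ${ $uid . $username }{'template'};

    # The name ends up in a path that is passed to require further down, so a
    # stored value must never be able to leave the Templates/Admin tree.
    # Anything empty, containing a path separator or NUL, or equal to "." or
    # ".." falls back to the default template, as does a name without a
    # matching directory.
    if (   $admin_template eq q{}
        || $admin_template =~ m{[/\\\0]}xsm
        || $admin_template =~ m{\A[.][.]?\z}xsm
        || !-d "$htmldir/Templates/Admin/$admin_template" )
    {
        $admin_template = 'default';
    }

    # \Q...\E keeps characters in the template name from being read as regex
    # syntax (or dropped as whitespace under /x).
    $adminstyle =
qq~<link rel="stylesheet" href="$yyhtml_root/Templates/Admin/$admin_template.css" type="text/css" />~;
    $adminstyle =~ s{\Q$admin_template\E/}{}gxsm;

    $adminimages = qq~$yyhtml_root/Templates/Admin/$admin_template~;
    $adminimages =~ s{\Q$admin_template\E/}{}gxsm;

    # Both files are executed as Perl code.
    # NOTE(review): gmodsettings.txt lives in $vardir; confirm only the
    # application can write there.
    require "$templatesdir/$admin_template/AdminCentre.template";
    require "$vardir/gmodsettings.txt";

    # Menu rows: "action|visible text|tooltip|header id". The first row of
    # each array is the section header.
    @forum_settings = (
        "|$admintxt{'a1_title'}|$admintxt{'a1_label'} - $admintxt{'34'}|a1",
        "newsettings;page=main|$admintxt{'a1_sub1'}|$admintxt{'a1_label1'}|",
        "newsettings;page=advanced|$admintxt{'a1_sub2'}|$admintxt{'a1_label2'}|",
        "editpaths|$admintxt{'a1_sub3'}|$admintxt{'a1_label3'}|",
        "editbots|$admintxt{'a1_sub4'}|$admintxt{'a1_label4'}|",
    );
    if ($extendedprofiles) {
        splice @forum_settings, 3, 0,
          "ext_admin|$admintxt{'a1_sub_ex'}|$admintxt{'a1_label_ex'}|";
    }

    @general_controls = (
        "|$admintxt{'a2_title'}|$admintxt{'a2_label'} - $admintxt{'34'}|a2",
        "newsettings;page=news|$admintxt{'a2_sub1'}|$admintxt{'a2_label1'}|",
        "smilies|$admintxt{'a2_sub2'}|$admintxt{'a2_label2'}|",
        "setcensor|$admintxt{'a2_sub3'}|$admintxt{'a2_label3'}|",
        "modagreement|$admintxt{'a2_sub4'}|$admintxt{'a2_label4'}|",
        "gmodaccess|$admintxt{'a2_sub5'}|$admintxt{'a2_label5'}|",
        "eventcal_set|$admintxt{'a2_sub6'}|$admintxt{'a2_label6'}|",
        "bookmarks|$admintxt{'bookmarks'}|$admintxt{'bookmarks1'}|"
    );

    @security_settings = (
        "|$admintxt{'a3_title'}|$admintxt{'a3_label'} - $admintxt{'34'}|a3",
        "newsettings;page=security|$admintxt{'a3_sub2'}|$admintxt{'a3_label2'}|",
        "referer_control|$admintxt{'a3_sub1'}|$admintxt{'a3_label1'}|",
        "setup_guardian|$admintxt{'a3_sub3'}|$admintxt{'a3_label3'}|",
        "newsettings;page=antispam|$admintxt{'a3_sub4'}|$admintxt{'a3_label4'}|",
        "spam_questions|$admintxt{'a3_sub6'}|$admintxt{'a3_label6'}|",
        "setreserve|$admintxt{'a6_sub6'}|$admintxt{'a6_label6'}|",
    );

    @forum_controls = (
        "|$admintxt{'a4_title'}|$admintxt{'a4_label'} - $admintxt{'34'}|a4",
        "managecats|$admintxt{'a4_sub1'}|$admintxt{'a4_label1'}|",
        "manageboards|$admintxt{'a4_sub2'}|$admintxt{'a4_label2'}|",
        "helpadmin|$admintxt{'a4_sub3'}|$admintxt{'a4_label3'}|",
        "editemailtemplates|$admintxt{'a4_sub4'}|$admintxt{'a4_label4'}|",
    );

    @forum_layout = (
        "|$admintxt{'a5_title'}|$admintxt{'a5_label'} - $admintxt{'34'}|a5",
        "modskin|$admintxt{'a5_sub1'}|$admintxt{'a5_label1'}|",
        "modcss|$admintxt{'a5_sub2'}|$admintxt{'a5_label2'}|",
#        "modtemp|$admintxt{'a5_sub3'}|$admintxt{'a5_label3'}|",
    );

    @member_controls = (
        "|$admintxt{'a6_title'}|$admintxt{'a6_label'} - $admintxt{'34'}|a6",
        "addmember|$admintxt{'a6_sub1'}|$admintxt{'a6_label1'}|",
        "view_reglog|$admintxt{'a8_sub5'}|$admintxt{'a8_label5'}|",
        "viewmembers|$admintxt{'a6_sub2'}|$admintxt{'a6_label2'}|",
        "modmemgr|$admintxt{'a6_sub3'}|$admintxt{'a6_label3'}|",
        "mailing|$admintxt{'a6_sub4'}|$admintxt{'a6_label4'}|",
        "ipban|$admintxt{'a6_sub5'}|$admintxt{'a6_label5'}|",
    );

    @maintence_controls = (
        "|$admintxt{'a7_title'}|$admintxt{'a7_label'} - $admintxt{'34'}|a7",
        "newsettings;page=maintenance|$admin_txt{'67'}|$admin_txt{'67'}|",
        "backupsettings|$admintxt{'a3_sub5'}|$admintxt{'a3_label5'}|",
        "rebuildmesindex|$admintxt{'a7_sub2a'}|$admintxt{'a7_label2a'}|",
        "boardrecount|$admintxt{'a7_sub2'}|$admintxt{'a7_label2'}|",
        "rebuildmemlist|$admintxt{'a7_sub4'}|$admintxt{'a7_label4'}|",
        "membershiprecount|$admintxt{'a7_sub3'}|$admintxt{'a7_label3'}|",
        "rebuildmemhist|$admintxt{'a7_sub4a'}|$admintxt{'a7_label4a'}|",
        "rebuildnotifications|$admintxt{'a7_sub4b'}|$admintxt{'a7_label4b'}|",
        "clean_log|$admintxt{'a7_sub1'}|$admintxt{'a7_label1'}|",
        "deleteoldthreads|$admintxt{'a7_sub5'}|$admintxt{'a7_label5'}|",
        "manageattachments|$admintxt{'a7_sub6'}|$admintxt{'a7_label6'}|",
    );

    @forum_stats = (
        "|$admintxt{'a8_title'}|$admintxt{'a8_label'} - $admintxt{'34'}|a8",
        "detailedversion|$admintxt{'a8_sub1'}|$admintxt{'a8_label1'}|",
        "stats|$admintxt{'a8_sub2'}|$admintxt{'a8_label2'}|",
        "showclicks|$admintxt{'a8_sub3'}|$admintxt{'a8_label3'}|",
        "errorlog|$admintxt{'a8_sub4'}|$admintxt{'a8_label4'}|",
    );

    @boardmod_mods = (
        "|$admintxt{'a9_title'}|$admintxt{'a9_label'} - $admintxt{'34'}|a9",
        "modlist|$mod_list{'6'}|$mod_list{'7'}|",
    );

    # To add new items for your mods settings, add a new row below here, pushing
    # your item onto the @boardmod_mods array. Example below:
    #     $my_mod = "action_to_take|Name_Displayed|Tooltip_Title|";
    #     push (@boardmod_mods, "$my_mod");
    # before the first pipe character is the action that will appear in the URL
    # Next is the text that is displayed in the admin centre
    # Finally, you have the tooltip text, necessary for XHTML compliance

    # Also note, you should pick a unique name instead of "$my_mod".
    # If your mod is called "SuperMod For Doing Cool Things"
    # You could use "$SuperMod_CoolThings"

### BOARDMOD ANCHOR ###
### END BOARDMOD ANCHOR ###

    # The call order fixes the order of the sections in the menu.
    ParseNavArray(@member_controls);
    ParseNavArray(@maintence_controls);
    ParseNavArray(@forum_settings);
    ParseNavArray(@general_controls);
    ParseNavArray(@security_settings);
    ParseNavArray(@forum_controls);
    ParseNavArray(@forum_layout);
    ParseNavArray(@forum_stats);
    ParseNavArray(@boardmod_mods);

    $topmenu_one = qq~<a href="$boardurl/$yyexec.$yyext">$admintxt{'15'} $mbname</a>~;
    $topmenu_two = qq~<a href="$adminurl">$admintxt{'33'}</a>~;
    $topmenu_tree =
      qq~<a href="$scripturl?action=help;section=admin">$admintxt{'35'}</a>~;
    $topmenu_four = qq~<a href="http://www.yabbforum.com" target="_blank">$admintxt{'36'}</a>~;

    # Banner shown while the forum is in maintenance mode.
    if ($maintenance && $action ne 'detailedversion') {
        $yyadmin_alert .=
qq~<br /><span style="font-size: 12px; background-color: #FFFF33;"><b>$load_txt{'616a'}</b></span><br /><br />~;
    }

    # Backup reminder for administrators once the last backup is older than
    # the configured interval.
    if ( $iamadmin && $rememberbackup && $action ne 'detailedversion' ) {
        if ( $lastbackup && $date > $rememberbackup + $lastbackup ) {
            require Sources::DateTime;
            $yyadmin_alert .=
qq~<br /><span style="font-size: 12px; background-color: #FFFF33;"><b>$load_txt{'617'} ~
              . timeformat($lastbackup)
              . q~</b></span>~;
        }
    }

    print_output_header();

    # The $yytitle on the right-hand side is still the package global; the
    # lexical declared here only becomes visible from the next statement on.
    my $yytitle = qq~$mbname $admin_txt{'208'}: $yytitle~;
    $header =~ s/({|<)yabb\ title(}|>)/$yytitle/gxsm;
    $header =~ s/({|<)yabb\ style(}|>)/$adminstyle/gxsm;
    $header =~ s/({|<)yabb\ charset(}|>)/$yymycharset/gxsm;
    $header =~ s/({|<)yabb\ javascript(}|>)/$yyjavascript/gxsm;

    $leftmenutop =~ s/({|<)yabb\ images(}|>)/$adminimages/gxsm;
    $leftmenutop =~ s/({|<)yabb\ maintenance(}|>)/$yyadmin_alert/gxsm;
    $topnav      =~ s/({|<)yabb\ topmenu_one(}|>)/$topmenu_one/xsm;
    $topnav      =~ s/({|<)yabb\ topmenu_two(}|>)/$topmenu_two/xsm;
    $topnav      =~ s/({|<)yabb\ topmenu_tree(}|>)/$topmenu_tree/xsm;
    $topnav      =~ s/({|<)yabb\ topmenu_four(}|>)/$topmenu_four/xsm;
    $topnav      =~ s/({|<)yabb\ brdname(}|>)/$mbname/xsm;

    if ($debug) { Debug(); }
    $mainbody =~ s/({|<)yabb\ main(}|>)/$yymain/gxsm;
    $mainbody =~ s/({|<)yabb_admin\ debug(}|>)/$yydebug/gxsm;

    # Rewrite image references that point at $imagesdir so that files missing
    # from the active image set fall back to the default template.
    # NOTE(review): $imagesdir is interpolated into these patterns unquoted,
    # so regex metacharacters in that setting are live; left unchanged here.
    $mainbody =~ s/img src\=\"$imagesdir\/(.+?)\"/AdmImgLoc($1)/eisgm;
    $mainbody =~
s/img src\=\&quot\;$imagesdir\/(.+?)\&quot;/"img src\=\&quot;" . AdmImgLoc2($1) . "\&quot;"/eisgm;

    # For the template editing Javascript images

    $output =
        $header
      . $leftmenutop
      . $leftmenu
      . $leftmenubottom
      . $topnav
      . $mainbody;

    image_resize();

    print_HTML_output_and_finish();
    return;
}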
393
# Records the current admin-centre visit in $vardir/adminlog_new.txt.
#
# Writes "$date|$username|$user_ip" as the first line, followed by the most
# recent earlier entries, so the file holds at most $maxadminlog lines
# (5 when the setting is unset or zero). Returns nothing; croaks when a line
# cannot be written.
#
# NOTE(review): fopen/fclose are project helpers whose results are not
# checked here, and the file is read, truncated and rewritten in separate
# steps; confirm the helpers lock the file, otherwise concurrent requests can
# lose entries.
# NOTE(review): this is a short rolling record, not an audit trail; if admin
# access needs to be reviewable later, also send these entries to an
# append-only log.
sub TrackAdminLogins {
    if ( -e "$vardir/adminlog_new.txt" ) {
        fopen( ADMINLOG, "$vardir/adminlog_new.txt" );
        my @stored = <ADMINLOG>;
        fclose(ADMINLOG);

        # Lines start with the timestamp, so a reversed string sort puts the
        # newest entry first.
        @adminlog = reverse sort @stored;
    }

    $maxadminlog ||= 5;

    fopen( ADMINLOG, ">$vardir/adminlog_new.txt" );
    print {ADMINLOG} qq~$date|$username|$user_ip\n~
      or croak 'cannot print ADMINLOG';

    # The new entry takes one slot, which leaves $maxadminlog - 1 for old ones.
    my $last_kept = $maxadminlog - 2;
    for my $i ( 0 .. $last_kept ) {
        next if !$adminlog[$i];
        chomp $adminlog[$i];
        print {ADMINLOG} qq~$adminlog[$i]\n~
          or croak 'cannot print ADMINLOG';
    }

    fclose(ADMINLOG);
    return;
}
416